WO2012129637A3 - Method of securing memory against malicious attack - Google Patents
Method of securing memory against malicious attack Download PDFInfo
- Publication number
- WO2012129637A3 WO2012129637A3 PCT/CA2011/050167 CA2011050167W WO2012129637A3 WO 2012129637 A3 WO2012129637 A3 WO 2012129637A3 CA 2011050167 W CA2011050167 W CA 2011050167W WO 2012129637 A3 WO2012129637 A3 WO 2012129637A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- heap
- memory
- buffers
- segment
- secure
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5011—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals
- G06F9/5016—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals the resource being the memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/02—Addressing or allocation; Relocation
- G06F12/0223—User address space allocation, e.g. contiguous or non contiguous base addressing
- G06F12/023—Free address space management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1408—Protection against unauthorised use of memory or access to memory by using cryptography
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Storage Device Security (AREA)
Abstract
A method and system for secure dynamic memory management using heap memory, or analogous dynamic memory allocation, that includes initializing a heap memory segment, having a plurality of buffers, within a random access memory. When an allocation request to store data in the heap memory segment is received, one of the buffers is randomly selected. Metadata, containing details of allocated and unallocated buffers of the heap memory segment, is then maintained in a portion of the memory separate from the heap object. According to certain embodiments, the secure heap of the present disclosure can securely implement the functions of those portions of the C/C++ stdlib library related to dynamic memory management, specifically malloc ( ), free ( ) and their variants.
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CA2011/050167 WO2012129637A2 (en) | 2011-03-30 | 2011-03-30 | Method of securing memory against malicious attack |
CN201180071247.7A CN103827879A (en) | 2011-03-30 | 2011-03-30 | Method of securing memory against malicious attack |
EP11862519.3A EP2691861A4 (en) | 2011-03-30 | 2011-03-30 | Method of securing memory against malicious attack |
US14/007,475 US20140020112A1 (en) | 2011-03-30 | 2011-03-30 | Method of Securing Memory Against Malicious Attack |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CA2011/050167 WO2012129637A2 (en) | 2011-03-30 | 2011-03-30 | Method of securing memory against malicious attack |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2012129637A2 WO2012129637A2 (en) | 2012-10-04 |
WO2012129637A3 true WO2012129637A3 (en) | 2012-12-06 |
Family
ID=46931990
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CA2011/050167 WO2012129637A2 (en) | 2011-03-30 | 2011-03-30 | Method of securing memory against malicious attack |
Country Status (4)
Country | Link |
---|---|
US (1) | US20140020112A1 (en) |
EP (1) | EP2691861A4 (en) |
CN (1) | CN103827879A (en) |
WO (1) | WO2012129637A2 (en) |
Families Citing this family (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10311227B2 (en) | 2014-09-30 | 2019-06-04 | Apple Inc. | Obfuscation of an address space layout randomization mapping in a data processing system |
US10311228B2 (en) * | 2014-09-30 | 2019-06-04 | Apple Inc. | Using a fine-grained address space layout randomization to mitigate potential security exploits |
JP6316734B2 (en) * | 2014-11-25 | 2018-04-25 | アイシン・エィ・ダブリュ株式会社 | Road information statistical system, road information statistical method and computer program |
US20160334969A1 (en) * | 2015-05-11 | 2016-11-17 | Facebook, Inc. | Methods and Systems for Viewing an Associated Location of an Image |
US10891167B2 (en) * | 2015-12-30 | 2021-01-12 | Siege Technologies, Llc | Memory fractionation software protection |
CN105810240B (en) * | 2016-04-12 | 2018-08-21 | 西安紫光国芯半导体有限公司 | A kind of large capacity Static RAM and its production method |
FR3050844B1 (en) * | 2016-04-27 | 2018-11-23 | Morpho | METHOD FOR ALLOCATING MEMORY SPACE |
US10268601B2 (en) | 2016-06-17 | 2019-04-23 | Massachusetts Institute Of Technology | Timely randomized memory protection |
US10191791B2 (en) * | 2016-07-02 | 2019-01-29 | Intel Corporation | Enhanced address space layout randomization |
US10310991B2 (en) * | 2016-08-11 | 2019-06-04 | Massachusetts Institute Of Technology | Timely address space randomization |
EP3373208A1 (en) * | 2017-03-08 | 2018-09-12 | Nxp B.V. | Method and system for facilitating reliable pattern detection |
US10552847B2 (en) * | 2017-03-23 | 2020-02-04 | International Business Machines Corporation | Real-time pattern matching of database transactions and unstructured text |
CN108733311B (en) * | 2017-04-17 | 2021-09-10 | 伊姆西Ip控股有限责任公司 | Method and apparatus for managing storage system |
US10229046B2 (en) | 2017-06-01 | 2019-03-12 | International Business Machines Corporation | Memory categorization |
US10628315B2 (en) | 2017-09-28 | 2020-04-21 | Intel Corporation | Secure memory repartitioning technologies |
WO2020089885A1 (en) * | 2018-10-29 | 2020-05-07 | Sternum Ltd. | Dynamic memory protection |
US11036406B2 (en) * | 2019-05-21 | 2021-06-15 | International Business Machines Corporation | Thermally aware memory management |
US11281513B2 (en) | 2019-06-07 | 2022-03-22 | International Business Machines Corporation | Managing heap metadata corruption |
US20210157738A1 (en) * | 2019-11-26 | 2021-05-27 | International Business Machines Corporation | Recoverable user cache within recoverable application memory within volatile memory |
US12019759B2 (en) * | 2021-01-07 | 2024-06-25 | Nxp B.V. | Data processing system and method for protecting data in the data processing system |
US11687440B2 (en) * | 2021-02-02 | 2023-06-27 | Thales Dis Cpl Usa, Inc. | Method and device of protecting a first software application to generate a protected software application |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100106920A1 (en) * | 2008-10-29 | 2010-04-29 | Microsoft Corporation | Data location obfuscation |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100846499B1 (en) * | 2006-10-27 | 2008-07-17 | 삼성전자주식회사 | Method and apparatus for managing memory |
US7802232B2 (en) * | 2006-03-31 | 2010-09-21 | Microsoft Corporation | Software robustness through search for robust runtime implementations |
US20080094877A1 (en) * | 2006-10-20 | 2008-04-24 | Honeywell International Inc. | Faster initialization of dram memory |
US7761676B2 (en) * | 2006-12-12 | 2010-07-20 | Intel Corporation | Protecting memory by containing pointer accesses |
-
2011
- 2011-03-30 WO PCT/CA2011/050167 patent/WO2012129637A2/en active Application Filing
- 2011-03-30 US US14/007,475 patent/US20140020112A1/en not_active Abandoned
- 2011-03-30 CN CN201180071247.7A patent/CN103827879A/en active Pending
- 2011-03-30 EP EP11862519.3A patent/EP2691861A4/en not_active Withdrawn
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100106920A1 (en) * | 2008-10-29 | 2010-04-29 | Microsoft Corporation | Data location obfuscation |
Non-Patent Citations (2)
Title |
---|
AGGARWAL: "Thinking Beyond Heap Randomization", 12 February 2009 (2009-02-12), XP008171561, Retrieved from the Internet <URL:http://www.stanford.edu/~agaurav/files/heap.pdf> [retrieved on 20111201] * |
KHARBUTLI ET AL.: "Comprehensively and Efficiently Protecting the Heap", ASPLOS'06, 21 October 2006 (2006-10-21), SAN JOSE, CALIFORNIA, USA, XP007912510, Retrieved from the Internet <URL:http://www.ece.ncsu.edu/arpers/Papers/heapserver-asplos06.pdf> [retrieved on 20111201] * |
Also Published As
Publication number | Publication date |
---|---|
WO2012129637A2 (en) | 2012-10-04 |
US20140020112A1 (en) | 2014-01-16 |
CN103827879A (en) | 2014-05-28 |
EP2691861A2 (en) | 2014-02-05 |
EP2691861A4 (en) | 2015-01-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2012129637A3 (en) | Method of securing memory against malicious attack | |
GB2504411A (en) | Shared resource and virtual resource management in a networked environment | |
WO2014033606A3 (en) | Systems and methods of memory and access management | |
GB2492870A (en) | Optimizing a file system for different types of applications in a compute cluster using dynamic block size granularity | |
IN2015DN01544A (en) | ||
WO2011143628A3 (en) | Apparatus, system, and method for conditional and atomic storage operations | |
NZ617451A (en) | Stream-based software application delivery and launching system | |
WO2013148440A3 (en) | Managing coherent memory between an accelerated processing device and a central processing unit | |
TW200951715A (en) | Memory system | |
EP2396730A4 (en) | Devices and methods for optimizing data-parallel processing in multi-core computing systems | |
WO2015192045A3 (en) | Precisely tracking memory usage in multi-process computing environment | |
WO2016044112A3 (en) | Efficient data movement within file system volumes | |
GB201116597D0 (en) | Method and system for sharing data between software systems | |
WO2009023629A3 (en) | Memory device and method having on-board address protection system for facilitating interface with multiple processors, and computer system using same | |
WO2012154838A3 (en) | Generating application recommendations based on user installed applications | |
WO2009124014A8 (en) | Cache optimization | |
GB2493679A (en) | Managing write operations to an extent of tracks migrated between storage devices | |
GB2497235A (en) | Apparatus and method for managing software applications using partitioned data storage devices | |
PH12017500241A1 (en) | File access method, device and storage system | |
WO2015108708A3 (en) | Unified memory systems and methods | |
WO2012024508A3 (en) | Systems and methods for securing virtual machine computing environments | |
EP1589411A3 (en) | Managing method for storing subsystem | |
WO2012044015A3 (en) | Method and apparatus for dynamic resource allocation of processing units | |
ATE520080T1 (en) | STORAGE MANAGEMENT | |
EP4276614A3 (en) | Method and system for low latency data management |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 14007475 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2011862519 Country of ref document: EP |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 11862519 Country of ref document: EP Kind code of ref document: A2 |